Principles are general rules and guidelines, intended to be enduring and seldom amended, that inform and support the way in which an organization sets about fulfilling its mission. In their turn, principles may be just one element in a structured set of ideas that collectively define and guide the organization, from values through to actions and results.
Architecture principles define the underlying general rules and guidelines for the use and deployment of all IT resources and assets across the enterprise. They reflect a level of consensus among the various elements of the enterprise, and form the basis for making future IT decisions.
These principles of information management apply to all organizations within the enterprise. The only way we can provide a consistent and measurable level of quality information to decision-makers is if all organizations abide by the principles. Without this principle, exclusions, favoritism, and inconsistency would rapidly undermine the management of information.
List of Enterprise Principles
- Focus On Customer
- Bias For Action
- Think Globally Act Locally
- Design For Reliability
- Treat Data As An Asset
- Secure From Start
- Reuse What We Have, Buy What We Need, Build For Competitive Edge
- Drive For Ease of Use
- Engineer Solution With Strong Design Foundations
- Anticipate And Plan For Change
Principle 1: Focus On The Customer
Statement: Align IT strategies to the customer, focusing on adding value to the customer without compromising strategic business objectives
Rationale: A focus on the customer aligns technology objectives with the firm’s objectives and values. Keeping the customer’s needs at the forefront helps frame decisions. When we do what’s right for the customer, we do what’s right for the firm.
Implications: Align IT strategies to the customer
Actively build trusting relationships and communications with our partners through transparency, integrity, and professionalism
Focus on adding business value earlier without compromising strategic objectives
Create customer-led digital experiences around moments that matter
Innovate for our clients rather than conduct science experiments
Principle 2: Bias for Action
Statement: Speed matters in business. Changes to the enterprise information environment are implemented in iterative and incremental fashion
Rationale: Many decisions and actions are reversible and do not need extensive study. We value calculated risk taking.
Scope of change for a system needs to be managed. Incremental and iterative changes are preferred over boiling the ocean.
Implications: Changes must be requirements driven and delivered in a responsive manner
A business need must be considered, but it must also be aligned with other enterprise architecture principles. There must be a balance between business needs and IT operations.
Scope must be managed to avoid adding low value stuff or increasing risk by an ambitious change agenda
Value creative destruction. Deliver value in an iterative manner. If requirements, priorities or scope change, interim solutions must be decommissioned in a timely manner.
Challenge the status quo by continuously innovating and improving. Take risks, fail fast and learn from past failures
Don’t let perfect be the enemy of good.
Principles 3: Think Globally Act Locally
Statement: Strategic solutions must always strive to maximize benefits generated for our customers at the lowest long-term risks and costs through the creation and/or leveraging of shared enterprise capabilities.
Rationale: This principle embodies “service above self”. Maximum return on investment requires strategic information and technology portfolio management decisions to adhere to enterprise-wide drivers and priorities. No minority group will detract from the benefit of the whole. However, this principle will not preclude any minority group from getting its job done.
Implications: Information management initiatives should be conducted in accordance with the enterprise plan. Application development priorities must be established by the entire enterprise for the entire enterprise.
Individual organizations should pursue information and technology management initiatives which conform to the blueprints and priorities established by the enterprise.
As needs arise, plans and priorities must be adjusted. A forum with comprehensive enterprise representation should make these decisions.
Think and act like owners of the business – treat every dollar spent as if it is your own. Base decisions on Total Cost of Ownership (TCO) versus project costs
Openly communicate the state of technical debt and aggressively eliminate. Make sun setting legacy solutions a priority
Priority should be given to deliver and operate scalable enterprise wide capabilities over local capabilities.
Principle 4: Design For Reliability
Statement: Business activities must be maintained despite system interruptions
Rationale: Assume all systems will eventually fail. As system operations become more inherent, we become more dependent of them. Therefore, we must consider the reliability of such systems throughout their entire conception and application. Business areas throughout the entire company must be able to continue conducting their normal activities, regardless of external events. Hardware failures, natural disasters, and lack of data integrity must not interrupt business activities. Business activities must be able to employ alternative mechanisms to convey information.
Implications: Customers must be able to transact with us, in face of system failures or external events.
Dependence on shared applications implies that business interruption risks must be expected and managed in advance.
Management includes, but is not limited to, periodic revisions and testing, designing mission-critical services to ensure continuity through redundancies or alternative resources
Recoverability, redundancy, and maintenance must be approached at inception
Applications must be assessed regarding criticality and impact on the company’s mission to determine which continuity level is required and which corresponding recovery plan must be implemented
Technology components must be engineered to meet the RTO & PO as defined for the dependent business services
Principle 5: Treat Data As An Asset
Statement: Information is a valuable asset to the enterprise and is managed accordingly
Rationale: A strong data foundation improves the firm’s ability to leverage data for competitive advantage. It also promotes better decisions that are dependent on reliable data sources and quicker methods of data distribution and analysis. We must store, transform, transmit and secure data in ways that maximize efficiency and reduce risk.
Implications: Actively measure the quality/accuracy of our data and manage our critical data
Define data consistently, ensuring its structure and definitions are aligned to the enterprise model
Ensure data is shareable to the appropriate functions and organizations
Protect our data and limit access to the extent necessary to accomplish related goals
Build systems of insight that turn data into action across the organization
Promote reuse of data management capabilities, practices and systems
Principle 6: Secure From Start
Statement: Information security is everyone’s business.
Rationale: Open information sharing and disclosure must be balanced with the need to restrict the availability of confidential, proprietary, and sensitive information. Information is protected based on integrity, availability, confidentiality and authenticity.
Implications: Enable the business to make informed technology risk decisions
Protect employee and customer identities, assets & interactions
Ensure that solutions are thoroughly and systematically assessed for vulnerabilities prior to operationalizing
Enable solutions that operate in a secure manner by enforcing layered controls
Security must be built into the design and not added later
Security should empower business capabilities
Systems, data, and technologies must be protected from unauthorized access and manipulation
Security must be hardened from within. Must be hard on the outside as well as inside.
Principle 7: Reuse what we have, Buy what we need, Build for competitive edge
Statement: Reuse capabilities first then buy before looking to build. Development of common use applications across the enterprise is preferred over the development of similar or duplicative applications which are only provided to a particular organization.
Rationale: Promote opportunities for reuse of business and technology capabilities. Buy mature industry standard
capabilities for efficiency and build differentiating capabilities to drive competitive advantage
Implications: Development of applications used across the enterprise is preferred over the development of similar or duplicative applications which are only provided to a particular organization.
Reusable components represent opportunities to reduce IT development times and costs. Reusable components leverage investments in current systems.
Organizations will not be allowed to develop capabilities for their own use which are similar/duplicative of enterprise-wide capabilities
Control technical diversity. Supplier management must focus on the lowest number of suppliers possible to meet business needs and reduce risks.
We are not freezing our technology baseline. We welcome technology advances and will change the technology blueprint when compatibility with the current infrastructure, improvement in operational efficiency, or a required capability has been demonstrated.
Principle 8: Drive For Ease of Use
Statement: Applications should be easy to use and transparent to users, so it enables them to concentrate on their tasks, rather than on system operation issues.
Rationale: The more that users need to understand the technology employed, the less productive they will be. The easy-to-use concept is a positive reinforcement for using applications. It encourages users to work within the integrated information environment rather than developing isolated systems to perform tasks outside of the integrated corporate environment. Most of the knowledge required to operate systems is very similar. Formatting is limited to a minimum, and system misuse risks are low.
Implications: All applications must have the consistent appearance and layout. Thus, a standard layout must be developed and usability testing criteria must be implemented.
Guidelines for user interfaces should not be constrained by narrow assumptions about user location, language, systems training, or physical capability.
Factors such as linguistics, customer physical infirmities (visual acuity, ability to use keyboard/mouse), and proficiency in the use of technology have broad ramifications in determining the ease-of-use of an application.
Design for consumer based self-service and provisioning automation
Solutions must consider locale and language specific needs of a global client base
Principle 9: Engineer Solutions With Strong Design Foundations
Statement: Technology choices regarding the building and integration of technology capabilities should be governed by underlying design principles, established patterns and recommended standards.
Rationale: The enterprise architecture is built over low-coupling, modular components that implement services that are consumed through standard interfaces
Implications: Understand the context and environment vs designing in isolation. Look inside and outside before building solutions.
Incorporate non-functional requirements including interoperability, flexibility, maintainability, scalability and business continuity
Promote technology independence to avoid dependence on vendors and platforms
Design with the core architectural principles of abstraction, encapsulation, cohesion, and low coupling in mind
Design for automation of testing, deployment and recovery
Principle 10: Anticipate And Plan For Change
Statement: IT systems are conceived to generate change, and they reflect alterations in laws, social needs, or others’ of changes. Adaptability and flexibility reduce the complexity and promote integration, which improves the company’s business activities.
Rationale: Business and Technology is in a constant state of change. The company operates in a regulated environment that introduces new products and services, new ways of interacting with customers and new responses to competition.
Prudent design choices can reduce the cost and impact of such changes Implications
Know where we are going and build towards it
Make decisions based on long term impact to the organization versus short term project goals
Each part of the organization exists to enable and fulfill the objectives of the enterprise
Deliver quick wins while moving toward the future state
Excessive customization increases costs and reduces the ability to adapt.
Efficiency, need, and common sense are not the only incentives. Changes in standards and regulations might lead to changes in processes or application
Enterprise policy is to abide by laws, policies and regulations. This will not preclude business process improvement lead to changes in policies and regulations
So What Do This Mean To Me?
Focus on the customer and make decisions that add value to the customer. Make thoughtful risk based decisions, but speed matters in business so have a bias for action. Service before self, act as owners of the business, think globally act locally. All systems will eventually fail, design reliable systems so customers be able to continue conducting their normal activities, regardless of a failure. Information is a valuable enterprise asset and must be managed accordingly.
Information security is everyone’s business, build layered controls for maximum protection and build it secure from the start. Control technical diversity, reuse what we have, buy what we need, build for competitive edge. Applications should be easy to use and transparent to users, so it enables them to concentrate on their tasks, drive for ease of use. The enterprise architecture is built over low-coupling, modular components that implement services that are consumed through standard interfaces, engineer solutions with strong design foundations. The only constant in business and life is change, so anticipate and plan for change.
Reference
- TOGA Architecture Principles http://pubs.opengroup.org/architecture/togaf8-doc/arch/chap29.html
- IBM Architecture Principles https://www.ibm.com/developerworks/rational/library/enterprise-architecture-financial-sector/
- Microsoft Principles of Software Architecture https://docs.microsoft.com/en-us/previous-versions/msp-n-p/ee658124(v=pandp.10)